Fix result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Michal (2015-08-10 22:04:22) Run:1
Running from C:\Users\Michal\Downloads
Loaded Profiles: UpdatusUser & Michal (Available Profiles: UpdatusUser & Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CustomCLSID: HKU\S-1-5-21-1951255329-4283516015-3182968858-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2014\pl-PL\acadltficn.dll No File
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Program Files (x86)\MiuiTab
Task: {018E53FC-CE6E-4A9C-A823-8D67E865ECBA} - System32\Tasks\{FD9D3691-B9CA-4D80-ACAD-F9FAACFE1070} => pcalua.exe -a C:\MANTIS\PROG\EDITMINI.EXE -d C:\MANTIS\PROG
Task: {A8A8C73A-8156-4865-9A5F-BF06B12FDBB3} - System32\Tasks\{03AF7871-BB33-4821-A2B6-D8AE67F2C7C2} => pcalua.exe -a "C:\Users\Michal\AppData\Local\Temp\Temp1_Autodesk AutoCAD 2005-Keygen.zip\Autodesk AutoCAD 2005-Keygen.exe"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1438890165&z=80c6d47387337887165c44cg7z5c2bdbet2eae6taq&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1438890165&z=80c6d47387337887165c44cg7z5c2bdbet2eae6taq&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&q={searchTerms}
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1438890165&z=80c6d47387337887165c44cg7z5c2bdbet2eae6taq&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&q={searchTerms}
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1438890165&z=80c6d47387337887165c44cg7z5c2bdbet2eae6taq&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&q={searchTerms}
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts=1438890206&z=0a19d74f134dbc5d71e3688g9zcc9b5bctfeeg1c9m&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1951255329-4283516015-3182968858-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&ts=1438890221&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1951255329-4283516015-3182968858-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&ts=1438890221&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1951255329-4283516015-3182968858-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&ts=1438890221&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1951255329-4283516015-3182968858-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_82C4S02HSXX82C4S02HS&ts=1438890221&type=default&q={searchTerms}
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-08-04] (Good Co. Limited)
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: istartsurf
FF SelectedSearchEngine: istartsurf
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\searchplugins\istartsurf.xml [2015-08-10]
FF Extension: Default SearchProtected - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\Extensions\defsearchp@gmail.com [2015-08-06]
FF Extension: deskCut - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\Extensions\deskCutv2@gmail.com [2015-08-06]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\extensions\deskCutv2@gmail.com
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-08-07] <==== ATTENTION
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-08-04] (XTab system)
R2 WindowsMangerProtect; C:\ProgramData\UWinManProU\ProtectWindowsManager.exe [708264 2015-08-06] (DTools LIMITED) <==== ATTENTION
C:\ProgramData\UWinManProU
2015-08-06 21:44 - 2015-08-06 21:44 - 00000000 ____D C:\ProgramData\Installations
2015-08-06 21:43 - 2015-08-06 21:44 - 00000000 ____D C:\ProgramData\UWinManProU
2015-08-06 21:43 - 2015-08-06 21:43 - 00000000 ____D C:\Users\Michal\AppData\Roaming\istartsurf
2015-08-06 21:43 - 2015-08-06 21:43 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-08-06 21:43 - 2015-08-06 21:43 - 00000000 ____D C:\Program Files (x86)\TermCoach_1.10.0.21
2015-08-06 21:43 - 2015-08-06 21:43 - 00000000 ____D C:\Program Files (x86)\MiuiTab
EmptyTemp:
*****************

"HKU\S-1-5-21-1951255329-4283516015-3182968858-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}" => key removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully

========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========

C:\Program Files (x86)\MiuiTab => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{018E53FC-CE6E-4A9C-A823-8D67E865ECBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{018E53FC-CE6E-4A9C-A823-8D67E865ECBA}" => key removed successfully
C:\Windows\System32\Tasks\{FD9D3691-B9CA-4D80-ACAD-F9FAACFE1070} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD9D3691-B9CA-4D80-ACAD-F9FAACFE1070}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8A8C73A-8156-4865-9A5F-BF06B12FDBB3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A8C73A-8156-4865-9A5F-BF06B12FDBB3}" => key removed successfully
C:\Windows\System32\Tasks\{03AF7871-BB33-4821-A2B6-D8AE67F2C7C2} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{03AF7871-BB33-4821-A2B6-D8AE67F2C7C2}" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found. 
HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found. 
"HKU\S-1-5-21-1951255329-4283516015-3182968858-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}" => key removed successfully
Firefox "newtab" removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\searchplugins\istartsurf.xml => moved successfully.
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\Extensions\defsearchp@gmail.com => moved successfully.
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\sc0l9298.default\Extensions\deskCutv2@gmail.com => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\defsearchp@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com => value removed successfully
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully.
IHProtect Service => Service stopped successfully.
IHProtect Service => service removed successfully
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => service removed successfully
C:\ProgramData\UWinManProU => moved successfully.
C:\ProgramData\Installations => moved successfully.
"C:\ProgramData\UWinManProU" => File/Folder not found.
C:\Users\Michal\AppData\Roaming\istartsurf => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
C:\Program Files (x86)\TermCoach_1.10.0.21 => moved successfully.
"C:\Program Files (x86)\MiuiTab" => File/Folder not found.
EmptyTemp: => 3.9 GB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 22:10:25 ====